In order to coordinate the creation of unique user names and numeric user IDs (UIDs) on Boston University UNIX systems, the University implemented a global UID system, under which user names and UIDs are allocated from a central server.
The UserAdm tools are your interface to the global UID system. They ease the task of creating new accounts, checking for “dead” accounts, and making sure that only authorized users have accounts on your system.
Why Use A Global UID Database?
A global UID systems brings several advantages to our computing environment:
* The centralized database helps prevent outdated or unauthorized accounts by comparing database entries to the registrar’s data.
* The database makes backups interchangeable between systems. File ownership is UID based, thus when each user has a UID that is unique across the University, files can be restored onto any system without creating conflicts. Global UID compliance is mandatory for systems taking advantage of IT Operations’ centralized backups.
* A centralized server allows the creation of an online directory service (the ‘ph’ system).
* Global UIDS make it possible to mount NFS filesystems across administrative boundaries. Since NFS software recognizes UIDs rather than usernames, UIDs can be associated with varied usernames without threatening shared filesystems.
Global UID Basics
Each member of the Boston University community has an entry in the central database server. Registered BU students, faculty, and staff have this entry created automatically. Other users (e.g., visiting professors) must have this entry created in the central database via the pre-approve program.
The central database entry does not represent an account on any particular system, but is a precursor to creating one. The database lacks the following information which is necessary to create an account on a specific system:
group(s)
home directory
shell
This information is created on a local system through the UserAdm tools. A user wishing to have an account on a particular machine must run new on that machine and then have the account approved by the system administrator.
This document will discuss how you, as a system administrator, can obtain, install, configure, and use the UserAdm tools to make your life easier and your system more secure.